Author Topic: DEPLOY.CAB|factory.exe - FP  (Read 3884 times)

Offline w-e-v

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1322
  • BETA FORCE MEMBER
DEPLOY.CAB|factory.exe - FP
« on: February 11, 2012, 09:18:47 AM »

Offline meidan

  • First Response Group
  • Comodo's Hero
  • *****
  • Posts: 2485
Re: DEPLOY.CAB|factory.exe - FP
« Reply #1 on: February 11, 2012, 09:24:12 AM »
DEPLOY.CAB|factory.exe is detected as SUSPICIOUS.

Name of detection: Suspicious[at]#1tdr7lmuwp09d (Malware:Heur.Suspicious)
CIS database: 11488


https://valkyrie.comodo.com/Result.html?sha1=a2cf027736de0bea0e9d428b50ac105830a44cc5&&query=0&&filename=DEPLOY.CAB

https://www.virustotal.com/file/1228d6b7ba25cfbdbcbd95762e93ca75a9de0c609349f32fbff154408713ecf9/analysis/1328968875/

Hi w-e-v,

Thank you for your submission. We'll check it and get back to you soon.

Kind Regards,
Erik M.

Offline meidan

  • First Response Group
  • Comodo's Hero
  • *****
  • Posts: 2485
Re: DEPLOY.CAB|factory.exe - FP
« Reply #2 on: February 12, 2012, 08:06:39 AM »
DEPLOY.CAB|factory.exe is detected as SUSPICIOUS.

Name of detection: Suspicious[at]#1tdr7lmuwp09d (Malware:Heur.Suspicious)
CIS database: 11488


https://valkyrie.comodo.com/Result.html?sha1=a2cf027736de0bea0e9d428b50ac105830a44cc5&&query=0&&filename=DEPLOY.CAB

https://www.virustotal.com/file/1228d6b7ba25cfbdbcbd95762e93ca75a9de0c609349f32fbff154408713ecf9/analysis/1328968875/

Hi,

This is to inform you that false-positive has been fixed.
You can update to AV database Version <11493> of  Comodo Internet Security
Version<5.9.219863.2196> and confirm it.

Thanks.

Kind Regards,
Erik M.

Offline w-e-v

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1322
  • BETA FORCE MEMBER
Re: DEPLOY.CAB|factory.exe - FP
« Reply #3 on: February 12, 2012, 03:22:47 PM »
Thank you! :-TU

Offline vadimsob

  • Newbie
  • *
  • Posts: 2
Re: DEPLOY.CAB|factory.exe - FP
« Reply #4 on: March 28, 2012, 05:53:12 AM »
I get the same scan result:

Suspicious[at]#19tu3ij5vplgs
C:\DISTRIB\WINDOWSXPSP2B.RUS\SUPPORT\TOOLS\DEPLOY.CAB|factory.exe

CIS database: 11924
« Last Edit: March 28, 2012, 05:56:52 AM by vadimsob »

Offline Ravikant

  • First Response Group
  • Comodo's Hero
  • *****
  • Posts: 229
Re: DEPLOY.CAB|factory.exe - FP
« Reply #5 on: March 28, 2012, 06:33:41 AM »
Hi vadimsob,


Thanks for reporting. We'll Check this.

Regards,
RaviKant

Offline Chunli

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 1822
Re: DEPLOY.CAB|factory.exe - FP
« Reply #6 on: March 28, 2012, 08:34:38 PM »
Hi,vadimsob

This is to inform you that false-positive with
(SHA1: <95f40a6979fc346dcd9d2b3ba86f60a4402ef516>)
has been fixed.
You can update to AV database Version <11932> of  Comodo Internet Security Version<5.10.228257.2253> and confirm it.

Regards,
Chunli.chen
Comodo AntiVirus Lab

Offline vadimsob

  • Newbie
  • *
  • Posts: 2
Re: DEPLOY.CAB|factory.exe - FP
« Reply #7 on: March 28, 2012, 11:42:34 PM »
Thank you, now it isn't this message appears. But what it was? Why Comodo reported about this Microsoft's file?

 

Seo4Smf 2.0 © SmfMod.Com | Smf Destek